090910hbstudy#3-BGP
1. BGP
12 Sep 2009
ShakeSoul, Inc.
2. • •
• BGP • EC2 BGP
•
•
• BGP
• /
doc. ver. 1.0 ShakeSoul, Inc.
3. • ID : d_sea
• http://www.hatena.ne.jp/d_sea
•
• 2002-2006 : IRI/BBTower(iDC) internet
• 2007-2009.01: 3D “meet-me”
• 2009.02- : (www.shakesoul.net)
•
4. • BBTower
BGP
•
• BGP
w
•
5. BGP internet
• BGP internet
• BGP internet
• internet BGP
1
• internet AS
internet
BGP
AS AS
AS AS
6. BGP
• BGP : Border Gateway Protocol
• BGP-4 : RFC1771
•
• AS prefix (IP
)
nexthop
• IPv6 BGP-4+
7. BGP
• BGP Layer 3
• AS (prefix) 1
• /8 /24 OK
• AS prefix best path
(advertise)
• internet 26 (2009.06)
• internet full route
• 1 best path
8. AS
•
• OCN(4713) SoftbankBB(24256) BIGLOBE(2518)
• Sakura internet(9370), BBTower(9607)
• Web
• Google(15169), Yahoo!Japan(23816), mixi(38651)
•
[TODO] AS JPNIC list
http://www.nic.ad.jp/ja/ip/as-numbers.txt
whois -h whois.nic.ad.jp "AS 9607"/e
9. peer
• AS 1 1 BGP ( 1 1)
• peering
• TCP 179
• Idle => Connect => Active => OpenSent => OpenConfirm => Established
• config AS IP address peering
MD5 password
• peer
• peer (
)
peer peer AS2
AS4 AS1
AS3
10. • (source) (destination)
• source destination
(route)
• 1hop
A
destination
source B X
X ABC ...
C
11. BGP
1. AS (source) destination IP address
2. destination IP address prefix prefix
AS
3. AS path
BGP destination path
full route
AS(Upstream) 2 peering
12. BGP
AS1 1. AS1 AS7 best path AS2
2. AS4 (peer down)
AS2 AS3 3. AS4 peering AS2 BGP
update
4. AS2 update AS1
AS5
AS1 BGP update
AS4
5. update AS7
AS6 AS3 best path
AS7 6. AS3
13. BGP
AS1 1. AS1 AS7 best path AS2
2. AS4 (peer down)
AS2 AS3 3. AS4 peering AS2 BGP
×
update
4. AS2 update AS1
AS5
AS1 BGP update
AS4
5. update AS7
AS6 AS3 best path
AS7 6. AS3
14. BGP
AS1 1. AS1 AS7 best path AS2
2. AS4 (peer down)
AS2 AS3 3. AS4 peering AS2 BGP
×
update update
4. AS2 update AS1
AS5
AS1 BGP update
AS4
5. update AS7
AS6 AS3 best path
AS7 6. AS3
15. BGP
update 1. AS1 AS7 best path AS2
AS1
2. AS4 (peer down)
AS2 AS3 3. AS4 peering AS2 BGP
×
update update
4. AS2 update AS1
AS5
AS1 BGP update
AS4
5. update AS7
AS6 AS3 best path
AS7 6. AS3
17. AS9607
• AS
AS prefix
AS iBGP
best path
• best path
•
•
9370 Sakura 59.106.0.0/17: metric 80, localpref 100, Community: 9607:13 9607:3249
23816 Yahoo Japan 203.216.224.0/19: metric 100, localpref 200, Community: 9607:11 9607:3193 9607:23816
38651 mixi 110.44.176.0/21: metric 100, localpref 90, Community: 2516:1010 9607:3249
18. • /
traffic
1 Local Preference
2 AS Path
3 MED
4 Community
5 Router ID
path
• Local_Preference
• AS_Path
• MED(Multi Exit Discriminator)
• Community
• Router ID
• config
LP, MED /
• [TODO] Looking Glass
• http://lg01.colo01.bbtower.ad.jp
19. BGP config
Diagram: ISP A (AS2, 10.2.0.0/16), Router A-1 (.2), BGP link 10.2.255.0/30, Router C-1 (.1), Customer (AS1, 10.1.0.0/16)
Router C-1
interface Gi 0/0
 ip address 10.2.255.1 255.255.255.252
....
router ospf 1
 passive-interface Gi0/0
 ! wildcard mask for the /30 peering link
 network 10.2.255.0 0.0.0.3 area 0
....
router bgp 1
 network 10.1.0.0 mask 255.255.0.0
 neighbor 10.2.255.2 remote-as 2
 neighbor 10.2.255.2 route-map SAMPLE-IN in
 neighbor 10.2.255.2 route-map SAMPLE-OUT out
....
! inbound policy for routes received from AS2
route-map SAMPLE-IN permit 10
 set local-preference 200
 set community 1:2
route-map SAMPLE-IN permit 20
 match as-path 222
! outbound policy: set MED on routes advertised to AS2
route-map SAMPLE-OUT permit 10
 set metric 10
ip as-path access-list 222 permit ^(2_)+$
20. demo: Amazon EC2 BGP
@Amazon EC2
instance 1
• Amazon EC2 2 instance
10.2.0.0/16
AS65002
bgpd
• Quagga(Zebra)
(Quagga)
10.209.162.213
• bgpd.conf peer
10.254.202.228
bgpd
(Quagga)
• route-map
AS65001
10.1.0.0/16
10.11.0.0/16
10.111.0.0/16 • [TODO] ssh login
instance 2
21. static 1ISP 2
BGP
default route BGP
Internet 1. 1 peer ( )
2. (filter deny
ISP A
)
Router A-1 Router A-2 3.
(deny filter )
4. 1
default route
0.0.0.0/0
Router C-1 Router C-2 5. 2
6. Router C-1/2 default route (BGP
default route )
0.0.0.0/0
ECMP(OSPF) 7.
Customer prefix: 10.0.0.0/8
22. static 1ISP 2
BGP
default route BGP
Internet 1. 1 peer ( )
2. (filter deny
ISP A
)
Router A-1 Router A-2 3.
(deny filter )
4. 1
peering
default route
0.0.0.0/0
Router C-1 Router C-2 5. 2
6. Router C-1/2 default route (BGP
default route )
0.0.0.0/0
ECMP(OSPF) 7.
Customer prefix: 10.0.0.0/8
23. static1ISP 2
BGP
default route BGP
Internet 1. 1 peer ( )
2. (filter deny
ISP A
)
Router A-1 Router A-2 3.
prefix: Full Route
(deny filter )
4. 1
peering
default route
prefix: 10.0.0.0/8
0.0.0.0/0
Router C-1 Router C-2 5. 2
6. Router C-1/2 default route (BGP
default route )
0.0.0.0/0
ECMP(OSPF) 7.
Customer prefix: 10.0.0.0/8
24. static1ISP 2
BGP
default route BGP
Internet 1. 1 peer ( )
2. (filter deny
ISP A
)
Router A-1 Router A-2 3.
prefix: Full Route
prefix: Full Route
(deny filter )
peering 4. 1
peering
default route prefix: 10.0.0.0/8
prefix: 10.0.0.0/8
0.0.0.0/0
Router C-1 Router C-2 5. 2
6. Router C-1/2 default route (BGP
default route )
0.0.0.0/0
ECMP(OSPF) 7.
Customer prefix: 10.0.0.0/8
25. static1ISP 2
BGP
default route BGP
Internet 1. 1 peer ( )
2. (filter deny
ISP A
)
Router A-1 Router A-2 3.
prefix: Full Route
prefix: Full Route
(deny filter )
peering 4. 1
peering
prefix: 10.0.0.0/8 prefix: 10.0.0.0/8
Router C-1 Router C-2 5. 2
6. Router C-1/2 default route (BGP
default route )
0.0.0.0/0
ECMP(OSPF) 7.
Customer prefix: 10.0.0.0/8
26. BGP
Internet
AS2 AS3 • full route upstream 2
• IX peering
upstream
• L2 1 interface
Router Router
C-1 C-2
• AS private
AS1 peering
Router Router Router
C-3 C-4 C-4
• prefix
public peer
IX
(Internet eXchange) private peer
•
• peer
AS10 .... AS n AS4
27. • BGP
AS1
• peer
prefix internet
• prefix
10.0.0.0/16 AS2
AS2 AS3 • AS BGP prefix filter
10.0.0.0/16 192.168.0.0/24 full route ( 26
) config
28. • BGP
AS1
• peer
prefix internet
• prefix
10.0.0.0/24 AS3
10.0.0.0/16 AS2
AS2 AS3 • AS BGP prefix filter
10.0.0.0/16 192.168.0.0/24 full route ( 26
) config
29. 10.0.0.0/24
AS2 AS3
• BGP
AS1
• peer
prefix internet
• prefix
10.0.0.0/24 AS3
10.0.0.0/16 AS2
AS2 AS3 • AS BGP prefix filter
10.0.0.0/16 192.168.0.0/24 full route ( 26
) config
31. 10.0.0.0/24
AS2 AS3
• BGP
AS1
• peer
prefix internet
• prefix
10.0.0.0/24 AS3
10.0.0.0/16 AS2
AS2 AS3 • AS BGP prefix filter
10.0.0.0/16 192.168.0.0/24 full route ( 26
10.0.0.0/24 ) config
AS3 AS2
Web
32. BGP
AS2
192.168.0.0/18
•
Router
IGP(Interior Gateway Protocol)
192.168.100.0/30 .1 EGP(Exterior Gateway Protocol)
peering .2
Router_B • IGP OSPF RIP EGP BGP
10.1.0.1
BGP
192.168.0.0/18
192.168.100.1
nexthop
• BGP nexthop AS
IGP
192.168.100.1 ....
Router_C
IGP
192.168.100.1 nexthop •
10.1.0.1 IGP
AS1
10.1.0.0/18
33. internet
• BGP
AS1
•
config
AS3
AS2
AS4 Local Preference
AS6 •
AS5
destination AS
AS7
AS1 AS5
•
internet
34. internet
AS7 AS2 • BGP
AS1
•
config
AS3
AS2
AS4 Local Preference
AS6 •
AS5
destination AS
AS7
AS1 AS5
•
internet
35. internet
•
• internet BGP AS BGP best
path
• 26 (2009.06)
• BGP IGP
BGP
•
• AS AS
•
• 100
36. BGP
• JPNIC • BGP
• AS • BGP
• Prefix : IP • config
• full route •
• Cisco 6500 CRS-1,
Juniper M10i • SNMP trap syslog
/
• 2
• BGP full route •
• 2
37. BGP
/
• •
• 1 ISP • BGP
•
• BGP
ISP
•
• • /
•
38. BGP
•
•
•
• 1 interface
• 1 ISP
•
•
39. • BGP
• Web BGP
BGP
•
or
•
• JANOG
40. Thank You!!
Any Question?